本帖最后由 zhaorong 于 2017-3-9 12:40 编辑
Docker 简介
Docker 是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的容器中,然后发布到任何流行的 Linux 机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口。
Docker 官网:http://www.docker.com/
Docker 官方文档:https://docs.docker.com/
Docker Github 地址:https://github.com/docker/docker
Docker 仓库:https://hub.docker.com/
Docker 中文社区:http://www.docker.org.cn/book/docker
Docker 应用场景:https://www.zhihu.com/question/22969309
1.1、什么是Docker?
Docker是基于Go语言实现的云开源项目,诞生于2013年初,最初发起者是dotcloud公司。
Docker是一个开源的引擎,可以轻松的为任何应用创建一个轻量级的、可移植的、自给自足的容器。开发者在笔记本上编译测试通过的容器可以批量地在生产环境中部署,包括VMs(虚拟机)、bare metal、OpenStack 集群和其他的基础应用平台。
docker中文社区
Docker的主要目标是'Build,Ship and Run Any App Anywhere',即通过对应用组件的封装(Packing)、分发(Distribution)、部署(Deployment)、运行(Runtime)等生命周期的管理,达到应用组件级别的“一次封装,多次运行”。这里的应用组件,既可以是一个Web应用,也可以是一套数据库服务,甚至是一个操作系统或编辑器。
1.2、为什么要使用Docker?
Docker在正确的地点,正确的时间顺应了正确的趋势--即高效的构建应用。
更快速地的交付和部署。
更高效的资源利用
更轻松的更新部署
更简单的更新管理
Docker与虚拟机比较
Docker容器很快,启动和停止可以秒级实现,相比传统的虚拟机方式快很多
Docker容器对系统资源需求很少,一台主机上面可以运行数千个Docker容器
Docker通过类似Git的操作来方便用户获取、分布和更新应用镜像,指令简单,学习成本较低
Docker通过Dockerfile配置文件来支持灵活的自动化创建和部署机制,提高工作效率
1.3、 虚拟化与Docker
虚拟化是一个通用的概念,在不通领域有着不同的理解。在计算机领域,一般是指计算虚拟化(Computing Virtualization),或服务器虚拟化。
虚拟化的核心是对资源进行抽象,目标往往是为了在同一主机上运行多个操作系统或应用,从而提高系统资源的利用率,同时带来降低成本,方便管理和容错容灾。
虚拟化可分为基于硬件的虚拟化和基于软件的虚拟化。基于软件的虚拟化又分为应用虚拟化和平台虚拟化。平台虚拟化又细分如下几个子类:
完全虚拟化。虚拟机模拟完整的底层硬件环境和特权指令的执行过程,客户操作系统无需进行修改。例如VMware Workstation,VirtulBox,QEMU等
硬件辅助虚拟化。利用硬件辅助支持处理敏感指令来实现完全虚拟化的功能,客户端操作系统无需更改,例如Xen,KVM等
部分虚拟化。只针对部分硬件资源进行虚拟化,客户端操作系统需要进行更改。
超虚拟化。部分硬件接口以软件的形式提供给客户机操作系统,客户机操作系统需要进行更改。
操作系统级虚拟化。内核通过创建多个虚拟的操作系统实例来隔离不同的进程,Docker技术。
Docker 安装
安装Docker是操作系统级虚拟化工具,它可以在Containers中自动部署应用程序
安装docker
- [root@linuxprobe~]# yum -y install docker
- [root@linuxprobe~]# systemctl start docker
- [root@linuxprobe~]# systemctl enable docker
- [root@linuxprobe ~]# systemctl status docker # 查看docker状态
- ● docker.service - Docker Application Container Engine
- Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
- Active: active (running) since Wed 2016-10-26 19:38:40 CST; 12s ago
- Docs: http://docs.docker.com
- Main PID: 3762 (docker-current)
- CGroup: /system.slice/docker.service
- └─3762 /usr/bin/docker-current daemon --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald
- Oct 26 19:38:39 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:39.844803185+08:00" level=info msg="devmapper: Successfully created filesystem xfs on device docker-253:0-104354176-base"
- Oct 26 19:38:39 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:39.994708787+08:00" level=info msg="Graph migration to content-addressability took 0.00 seconds"
- Oct 26 19:38:40 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:40.018129400+08:00" level=info msg="Firewalld running: true"
- Oct 26 19:38:40 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:40.294869786+08:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can ...red IP address"
- Oct 26 19:38:40 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:40.567994904+08:00" level=info msg="Loading containers: start."
- Oct 26 19:38:40 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:40.568039413+08:00" level=info msg="Loading containers: done."
- Oct 26 19:38:40 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:40.568047306+08:00" level=info msg="Daemon has completed initialization"
- Oct 26 19:38:40 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:40.568058527+08:00" level=info msg="Docker daemon" commit=cb079f6-unsupported execdriver=native-0.2 graphdriver=devicemapper version=1.10.3
- Oct 26 19:38:40 linuxprobe.org docker-current[3762]: time="2016-10-26T19:38:40.572491688+08:00" level=info msg="API listen on /var/run/docker.sock"
- Oct 26 19:38:40 linuxprobe.org systemd[1]: Started Docker Application Container Engine.
- Hint: Some lines were ellipsized, use -l to show in full.
下载官方镜像并创建一个Container,并在Container中输出“Welcome to the Docker World”
- [root@linuxprobe ~]# docker pull centos
- Using default tag: latest
- Trying to pull repository docker.io/library/centos ...
- latest: Pulling from docker.io/library/centos
- 08d48e6f1cff: Pull complete
- Digest: sha256:b2f9d1c0ff5f87a4743104d099a3d561002ac500db1b9bfa02a783a46e0d366c
- Status: Downloaded newer image for docker.io/centos:latest
- [root@linuxprobe ~]# docker run centos /bin/echo "Welcome to the Docker World"
- Welcome to the Docker World
使用“i”和“t”选项连接到Container的交互会话,如下所示。如果从Container会话退出,则Container的进程完成
- [root@linuxprobe ~]# docker run -i -t centos /bin/bash
- [root@82699d79557c /]# uname -a
- Linux 82699d79557c 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
- [root@82699d79557c /]# exit
- exit
- [root@linuxprobe ~]# #back
如果从容器会话中退出并保持容器的进程,请按Ctrl + p和Ctrl + q键
- [root@linuxprobe ~]# docker run -i -t centos /bin/bash
- [root@a05c7fd0a54f /]# [root@linuxprobe ~]#
- [root@linuxprobe ~]# docker ps
- CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- a05c7fd0a54f centos "/bin/bash" 24 seconds ago Up 23 seconds trusting_fermat
- [root@linuxprobe ~]# docker attach a05c7fd0a54f # connect docekr process
- [root@a05c7fd0a54f /]# [root@linuxprobe ~]# docker kill a05c7fd0a54f # kill docker process
- a05c7fd0a54f
- [root@linuxprobe ~]# docker ps # 查看运行的docker服务
- CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
Docker:添加镜像
在容器中添加镜像文件
例如,使用更新官方映像安装httpd,并将其添加为容器的新映像。该容器是在每次执行docker run命令时生成的,因此添加最新执行的容器如下
- [root@linuxprobe ~]# docker images
- REPOSITORY TAG IMAGE ID CREATED SIZE
- docker.io/centos latest 0584b3d2cf6d Less than a second ago 196.5 MB
- # start a Container and install httpd
- [root@linuxprobe ~]# docker run centos /bin/bash -c "yum -y update; yum -y install httpd"
- [root@linuxprobe ~]# docker ps -a | head -2
- CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- f36383194ad4 centos "/bin/bash -c 'yum -y" 2 minutes ago Exited (0) 45 seconds ago jolly_cray
- elegant_wright
- [root@linuxprobe ~]# docker commit f36383194ad4 my_image/centos_httpd
- [root@linuxprobe ~]# docker images
- REPOSITORY TAG IMAGE ID CREATED SIZE
- docker.io/centos latest 0584b3d2cf6d Less than a second ago 196.5 MB
- my_image/centos_httpd latest b0be2940865a 7 seconds ago 338.3 MB
访问容器
- root@linuxprobe ~]# docker run -it -p 8081:80 my_image/centos_httpd /bin/bash
- [root@2f0d06526d42 /]# /usr/sbin/httpd &
- [1] 14
- [root@2f0d06526d42 /]# AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
- [1]+ Done /usr/sbin/httpd
- [root@2f0d06526d42 /]# echo "httpd on Docker Container" > /var/www/html/index.html # exit with Ctrl+p, Ctrl+q
- [root@2f0d06526d42 /]# [root@linuxprobe ~]# docker ps
- CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- 2f0d06526d42 my_image/centos_httpd "/bin/bash" 54 seconds ago Up 52 seconds 0.0.0.0:8081->80/tcp hopeful_gates
- [root@linuxprobe ~]# docker ps -a | head -2
- CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- 2f0d06526d42 my_image/centos_httpd "/bin/bash" 27 minutes ago Up 27 minutes 0.0.0.0:8081->80/tcp hopeful_gates
客户端浏览器访问
Docker:使用Dockerfile
使用Dockerfile并自动创建Docker镜像
- [1] Dockerfile的格式是[INSTRUCTION arguments],请参阅INSTRUCTION的以下说明。 INSTRUCTION说明 MAINTAINER 它设置生成的图像的作者字段。 RUN 当创建Docker镜像时,它将执行任何命令。 CMD 它将执行任何命令当Docker容器将被执行。 LABEL 它向图像添加元数据。 EXPOSE 它通知Docker容器将在运行时侦听指定的网络端口。 ADD 它复制新文件,目录或远程文件URL。 COPY 它复制新的文件或目录。 [ADD]的区别是,它不可能指定remore URL,也不会自动提取归档文件。 VOLUME 它创建具有指定名称的装入点,并将其标记为从本机主机或其他容器保存外部装入的卷 USER它设置用户名或UID。 WORKDIR 它设置工作目录。
例如,创建一个Dockerfile来安装httpd并添加index.html,并使用80端口启动httpd
- [root@linuxprobe ~]# vim Dockerfile
- # create new
- FROM centos
- MAINTAINER linuxprobe <admin@linuxprobe.org>
- RUN yum -y install httpd
- RUN echo "Hello LinuxProbe DockerFile" > /var/www/html/index.html
- EXPOSE 80
- CMD ["-D", "FOREGROUND"]
- ENTRYPOINT ["/usr/sbin/httpd"]
- [root@linuxprobe ~]# docker build -t web_server:latest .
- Sending build context to Docker daemon 21.5 kB
- Step 1 : FROM centos
- ---> 0584b3d2cf6d
- Step 2 : MAINTAINER linuxprobe <admin@linuxprobe.org>
- ---> Running in 8064d0091e44
- ---> 940c8fbe4161
- Removing intermediate container 8064d0091e44
- Step 3 : RUN yum -y install httpd
- ---> Running in 3d37e4919fa9
- Loaded plugins: fastestmirror, ovl
- Determining fastest mirrors
- * base: mirrors.163.com
- * extras: ftp.sjtu.edu.cn
- * updates: mirrors.163.com
- Resolving Dependencies
- --> Running transaction check
- ---> Package httpd.x86_64 0:2.4.6-40.el7.centos.4 will be installed
- --> Processing Dependency: httpd-tools = 2.4.6-40.el7.centos.4 for package: httpd-2.4.6-40.el7.centos.4.x86_64
- --> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-40.el7.centos.4.x86_64
- --> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-40.el7.centos.4.x86_64
- --> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-40.el7.centos.4.x86_64
- --> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-40.el7.centos.4.x86_64
- --> Running transaction check
- ---> Package apr.x86_64 0:1.4.8-3.el7 will be installed
- ---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
- ---> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
- ---> Package httpd-tools.x86_64 0:2.4.6-40.el7.centos.4 will be installed
- ---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
- --> Finished Dependency Resolution
- Dependencies Resolved
- ================================================================================
- Package Arch Version Repository Size
- ================================================================================
- Installing:
- httpd x86_64 2.4.6-40.el7.centos.4 updates 2.7 M
- Installing for dependencies:
- apr x86_64 1.4.8-3.el7 base 103 k
- apr-util x86_64 1.5.2-6.el7 base 92 k
- centos-logos noarch 70.0.6-3.el7.centos base 21 M
- httpd-tools x86_64 2.4.6-40.el7.centos.4 updates 83 k
- mailcap noarch 2.1.41-2.el7 base 31 k
- [code]Transaction Summary
- ================================================================================
Install 1 Package (+5 Dependent packages)
Total download size: 24 M
Installed size: 31 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/apr-util-1.5.2-6.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for apr-util-1.5.2-6.el7.x86_64.rpm is not installed
Public key for httpd-tools-2.4.6-40.el7.centos.4.x86_64.rpm is not installed
--------------------------------------------------------------------------------[/code]
- Total 382 kB/s | 24 MB 01:05
- Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
- Importing GPG key 0xF4A80EB5:
- Userid : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
- Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
- Package : centos-release-7-2.1511.el7.centos.2.10.x86_64 (@CentOS)
- From : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
- Running transaction check
- Running transaction test
- Transaction test succeeded
- Running transaction
- Installing : apr-1.4.8-3.el7.x86_64 1/6
- Installing : apr-util-1.5.2-6.el7.x86_64 2/6
- Installing : httpd-tools-2.4.6-40.el7.centos.4.x86_64 3/6
- Installing : centos-logos-70.0.6-3.el7.centos.noarch 4/6
- Installing : mailcap-2.1.41-2.el7.noarch 5/6
- Installing : httpd-2.4.6-40.el7.centos.4.x86_64 6/6
- Verifying : apr-1.4.8-3.el7.x86_64 1/6
- Verifying : httpd-tools-2.4.6-40.el7.centos.4.x86_64 2/6
- Verifying : apr-util-1.5.2-6.el7.x86_64 3/6
- Verifying : httpd-2.4.6-40.el7.centos.4.x86_64 4/6
- Verifying : mailcap-2.1.41-2.el7.noarch 5/6
- Verifying : centos-logos-70.0.6-3.el7.centos.noarch 6/6
- Installed:
- httpd.x86_64 0:2.4.6-40.el7.centos.4
- [code]Dependency Installed:
- apr.x86_64 0:1.4.8-3.el7
- apr-util.x86_64 0:1.5.2-6.el7
- centos-logos.noarch 0:70.0.6-3.el7.centos
- httpd-tools.x86_64 0:2.4.6-40.el7.centos.4
- mailcap.noarch 0:2.1.41-2.el7
- Complete!
- ---> 3ce9abf4dfea
- Removing intermediate container 3d37e4919fa9
- Step 4 : RUN echo "Hello LinuxProbe DockerFile" > /var/www/html/index.html
- ---> Running in 297d8d666c8d
- ---> 3d185363045b
- Removing intermediate container 297d8d666c8d
- Step 5 : EXPOSE 80
- ---> Running in 017db517e06a
- ---> 5c855e478c3c
- Removing intermediate container 017db517e06a
- Step 6 : CMD -D FOREGROUND
- ---> Running in 6add13fca3cb
- ---> 7a219d9fa6e1
- Removing intermediate container 6add13fca3cb
- Step 7 : ENTRYPOINT /usr/sbin/httpd
- ---> Running in da4671709ee1
- ---> c0d84e256068
- Removing intermediate container da4671709ee1
- Successfully built c0d84e256068
- [root@linuxprobe ~]# docker images
- REPOSITORY TAG IMAGE ID CREATED SIZE
- docker.io/centos latest 0584b3d2cf6d Less than a second ago 196.5 MB
- web_server latest c0d84e256068 36 seconds ago 338.3 MB
- my_image/centos_httpd latest b0be2940865a 4 hours ago 338.3 MB
- [root@linuxprobe ~]# docker run -d -p 80:80 web_server
- c37d25a405a8e0599bf54fe77d78c807a520242a21ccb15b18d6b6ee4d13415b
- [root@linuxprobe ~]# docker ps
- CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
- c37d25a405a8 web_server "/usr/sbin/httpd -D F" 6 seconds ago Up 5 seconds 0.0.0.0:80->80/tcp condescending_knuth
- 2f0d06526d42 my_image/centos_httpd "/bin/bash" About an hour ago Up About an hour 0.0.0.0:8081->80/tcp hopeful_gat
[/code]
|
